Docs
Status ↗︎Log In 🇺🇸 ↗︎Log In 🇬🇧 ↗︎

Configure Okta SSO

Set up Okta SSO for Truepic Vision using the Okta Integration Network and Express Configuration.

Configure Okta SSO for your Truepic Vision organization so your team can sign in with your existing Okta identity provider.

Supported features

  • Service provider initiated authentication (SP-initiated SSO): This flow starts when a user signs in at vision.truepic.com.
  • Just-in-time (JIT) provisioning: Users are created automatically the first time they sign in.
  • Universal Logout: When enabled, Okta can terminate sessions and tokens when risk is detected or when an administrator initiates logout.

Before you begin

  • Confirm you are a Truepic Vision customer.
  • Sign in to your Okta tenant with administrator access.
  • Contact your Truepic support team to confirm Okta SSO is available and appropriate for your use case.

Configure Okta SSO

Follow these steps in order.

1. Add the Truepic Vision application in Okta

  1. In Okta, go to Applications > Browse App Catalog.
  2. Search for Truepic Vision.
  3. Click Add Integration.
  4. Click Done to add the application.

2. Run Express Configuration

  1. Open the newly created Truepic Vision application.
  2. Click the Sign On tab.
  3. Click Express Configure & Universal UL.
  4. When prompted, enter your existing Truepic Vision login credentials.
  5. Select the organization you want to configure with Okta SSO.
  6. Approve the connection with Truepic to complete setup.

3. Enable Universal Logout

  1. In the Sign On tab of the Truepic Vision application, select Okta system or admin initiates logout.
  2. Save your changes.

4. Notify Truepic

  1. Send an email to [email protected] confirming that you completed Express Configuration.
  2. Wait for Truepic to confirm that setup is complete before assigning users or testing login.

Truepic support will:

  • Enable home realm discovery for your domain.
  • Enable application access so your users can log in.

5. Assign users and test login

  1. After Truepic confirms setup is complete, assign your admin account to the Truepic Vision application in Okta.
  2. Assign any additional users or groups that should have access to Truepic Vision.
  3. Go to vision.truepic.com.
  4. Sign in with the admin account.
  5. Confirm that you are automatically redirected to your Okta sign-in page.

Optional: Understand how login works

Truepic Vision supports only service provider initiated authentication (SP-initiated SSO), which means the login flow always starts from Truepic Vision.

Users cannot launch Vision from the Okta dashboard tile. To sign in:

  1. Open https://vision.truepic.com.
  2. Enter your enterprise email address.
  3. Complete sign-in on your Okta login page.
  4. Return to the Truepic Vision dashboard after successful authentication.

Optional: Understand just-in-time (JIT) provisioning

Just-in-time (JIT) provisioning automatically creates a Truepic Vision user account the first time a new user signs in through Okta.

When that happens, Truepic Vision provisions these attributes from the Okta user profile:

  • Email address
  • Full name

Optional: Understand Universal Logout

When Universal Logout is enabled, Okta can terminate active Truepic Vision sessions in these cases:

  • An administrator initiates a logout from the Okta Admin Console.
  • Okta detects risk and terminates sessions for security.

Troubleshooting

If you run into issues during configuration or login, contact Truepic support at help.truepic.com or reach out to your Truepic account team.

Updated 9 days ago